WannaCry is still fresh in our memory, reminding organizations of how distractive an unpatched vulnerability can be especially if weaponized as a wormable threat that delivers ransomware. BlueKeep has been estimated to have the same disruptive potential as EternalBlue (the exploit responsible for WannaCry) if sporting worm-like behavior, especially since RDP is a commonly used service in organizations, allowing IT and security teams to remotely dial into machines.
Hardly a day goes by without a high-profile institution or company announcing that its files have been hacked. Such data breaches can cause financial losses and affect an organization’s reputation for years. A look at high-profile victims like Equifax, Marriot, and British Airways shows they all lacked a clear and complete understanding of their attack surface and the presence of risky endpoints.
High-profile security breaches come every week, creating a guessing game of who will make the headlines next. Recent compromises include Equifax, Marriot, and British Airways, which just received the largest fine in GDPR history for the breach of its customer financial data.
Sophisticated threats remain one of the main concerns in enterprises today. As environments grow in complexity, malware actors find innovative ways to infiltrate overlooked entry points in the network, hiding behind the scenes to wreak havoc without ever making a full-blown appearance.
Insider threats are nothing to joke about -- they are a real danger to companies worldwide, who often neglect them. In fact, they rank among the top six threats of 2018, according to statistics. A company will spend at least $8 million yearly on insider threats, the Ponemon Institute has found.
The headlines love to talk about sophisticated hacking gangs, exploiting zero-day vulnerabilities to break their way into businesses and steal corporate data.
Bitdefender has recently investigated a series of advanced cyberattacks aimed at financial institutions, designed to covertly exfiltrate massive amounts of money in coordinated strikes.
While we’ve just passed the halfway mark of 2018, data breaches and new threats have been plaguing businesses and organizations, exposing the data of millions of users worldwide. Apart from known and increasingly sophisticated threats, such as ransomware, the hype around cryptocurrency has led to the emergence of cryptojackers, a new problem organizations need to deal with.
That’s the conclusion of at least one cybersecurity services provider. According to Risk Based Security, following year over year increases in the number of publicly reported data breaches, the first three months of 2018 saw a respectable decline. But while the numbers look good, they may reflect a change in criminal targeting and goals and less an indication that cyber-criminals are waving white flags.
Last week the team behind Git, a platform that powers millions of the world's developer code repositories--including those on the wildly popular GitHub hosted service--released a crucial security update meant to keep developer environments safe. The patch was made to fix a flaw in how Git handles submodule repository configuration during cloning. It's a dangerous hole that could give attackers the power to create malicious Git repositories and leverage them to run arbitrary code execution on target developer machines.
What’s a leading indicator that an organization may invest in biometric authentication? It turns out that it’s a data breach.
After years of hype, 2018 may finally see the start of the mainstream adoption of software-defined networking (SDN). And with it, network virtualization and software defined data centers (SDDC) could be on the cusp of big breakthroughs. So say the results of the new research from Enterprise Management Associates (EMA).
